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AMENDMENTS TO THE CLAIMS 
A detailed listing of all claims that are, or were, in the present application, irrespective of 
whether the claim(s) remain(s) under examination in the application is presented below. The 
claims are presented in ascending order and each includes one status identifier. Those claims not 
cancelled or withdrawn but amended by the current amendment utilize the following notations 
for amendment: 1 . deleted matter is shown by strikethrough for six or more characters and 
double brackets for five or fewer characters; and 2. added matter is shown by underlining. 



2 



Application No. 10/588,707 

1.-12. (Cancelled) 

13. (Currently Amended) A method for managing the authorization of access of a user 
terminal connected to an access network to an IP transport network, wherein a proxy server 
connected to the IP transport network implements the steps of: 

transmitting a RADIUS access request in accordance with the RADIUS protocol, to a 
remote authentication server of an IP service or access provider indicated in the access request, 
said access request having been transmitted, upon the request of said terminal, by an access 
server of the access network; 

transmission to the access server of the user's authentication response provided by the 
remote authentication server, said proxy server also implementing steps for: 

determining, for a RADIUS access request received from an access server upon the 
request of said terminal, whether local authentication of said user must be performed at the level 
of the access network before said step of transmitting said RADIUS access request to said 
remote authentication server . 

if a local authentication of said user must be performed, transmitting, by means of said 
access server, to said terminal, a message requesting authentication data, 

upon receipt of a response message from said terminal containing the authentication data 
requested, executing a local user authentication procedure, on the basis of said authentication 
data received. 
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14. (Previously Presented) The method according to claim 13, wherein the authentication 
data request transmitted by the proxy server to the user terminal if a local user authentication 
must be performed, is a challenge message containing a random nvmiber. 

15. (Previously Presented) Method according to claim 14, wherein the challenge message 
contains an indication enabling the user terminal to determine whether it concerns a local user 
authentication. 

16. (Previously Presented) The method according to claim 13, wherein the proxy server 
determines which access rights to assign to the user on the basis of the resuh of the local user 
authentication and the authentication response provided by the remote authentication server. 

17. (Currently Amended) A system for managing authorization of a user during an attempt 
by a user terminal to access an IP service or access provider by means of an IP transport 
network, which system includes: 

at least one access network to which the user terminal is cormected, 

at least one IP gateway ensuring the connection, respectively, between the access network 

and the IP transport network, 

at least one access server of the access network, designed to transmit, upon the request of 

the terminal, a RADIUS access request in accordance with the RADIUS protocol, 
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at least one remote authentication server associated with said IP service or access 
provider designed to authenticate said user on the basis of authentication data contained in an 
access request received by the remote authentication server, and 

a proxy server connected to the IP transport network, designed to retransmit a RADIUS 
access request, transmitted by the access server upon the request of a terminal, to a remote 
authentication server of an IP service or access provider indicated in the access request, and to 
retransmit, to the access server, the user's authentication response provided by the remote 
authentication servers the proxy server includes: 

means for determining, for [[a]]said RADIUS access request received from said[[an]] 
access server upon a user's request, whether or not a local authentication of the user must be 
performed at the access network level before transmitting said RADIUS access request to said 
remote authentication server , 

means, activated if [[a]]the local authentication of said user must be performed, for 
transmitting by way of said access server, to said terminal, a message requesting authentication 
data, 

means, activated upon receipt of a response message from said terminal containing the 
authentication data requested, for executing a local user authentication procedure, on the basis of 
said authentication information received. 

18. (Previously Presented) The system according to claim 17, the proxy server also includes 
means for determining an overall authentication resuh on the basis of the local user 
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authentication result and the user's authentication response provided by the authentication server, 
and for retransmitting the overall authentication result to the access server. 

19. (Previously Presented) The system according to claim 17, wherein each access server 
includes a RADIUS client and the proxy server includes a client and a RADIUS server, for 
exchanging messages in accordance with the RADIUS protocol. 

20. (Previously Presented) The system according to claim 17, wherein the authentication data 
request message transmitted by the proxy server to locally authenticate the user is a challenge 
message, wherein the proxy server comprises means for generating a random number that is 
inserted into the challenge message, and means for verifying the response to the challenge 
message received from the user terminal. 

21. (Previously Presented) The system according to claim 18, wherein the proxy server 
includes means for determining which access rights to assign to the user on the basis of the 
overall authentication result. 

22. (Currently Amended) A proxy server for managing authorization of access of a user 
terminal connected to an access network, to an IP transport network, wherein the proxy server is 
cormected to an IP transport network and includes: 



6 



Application No. 10/588,707 

means for transmitting a RADIUS access request in accordance with the RADIUS 
protocol, to a remote authentication server of an IP service or access provider indicated in the 
access request, 

said access request having been transmitted, upon the request of said terminal, by an 
access server of the access network; 

means for transmitting, to the access server, the user's authentication response provided 
by the remote authentication server, said proxy server also includes: 

means for determining, for [[a]] said RADIUS access request received from said [[an]] 
access server upon the request of said terminal, whether or not a local authentication of said user 
must be performed at the access network level before transmitting said RADIUS access request 
to said remote authentication server . 

means, activated if a local authentication of said user must be performed, for transmitting, 
by way of said access server, to said terminal, a message requesting authentication data, 

means, activated upon receipt of a response message from said terminal containing the 
authentication data requested, for executing a local user authentication procedure, on the basis of 
said authentication information received. 

23. (Previously Presented) A computer program including program code instructions for 
implementing the steps of the method for managing authorization of access of a user terminal 
according to claim 13 when said program is run on a computer. 
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